与我们联系

CVE-2016-5195

Common Vulnerabilities and Exposures

Upstream information

Description

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Note from the SUSE Security Team

The "DirtyCOW" problem affects all SUSE Linux Enterprise kernels after SUSE Linux Enterprise 11 and all openSUSE kernels. SUSE Linux Enterprise Server 10 and older kernels do not meet some preconditions for this issue and so are not exploitable to our knowledge.

Status of this issue by product and package

Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification.